Sona Systems : Privacy

Company

View this privacy policy in PDF
Privacy Policy - PDF (101 kb)


Effective Date: March 9, 2016

This is Sona Systems, Ltd’s. (Company) privacy policy (Policy). If you are a customer, it is part of your contract with the Company. For customers in the United States; Canada (unless set out on your invoice); and South America, Company transmits data to servers located in the United States. For data subject to the European Union’s Data Protection Directive, Company has certified that it complies with the U.S.-EU Safe Harbor Framework as set forth by the U.S. Department of Commerce. For data subject to Switzerland’s Federal Act on Data Protection, Company has certified it complies with the U.S.-Swiss Safe Harbor Framework as set for by the U.S. Department of Commerce. To learn more about the Safe Harbor programs, and to view Company’s certification, please visit http://www.export.gov/safeharbor/. Company complies with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information from European Union member countries and Switzerland. Company has certified that it adheres to the Safe Harbor Privacy Principles of notice, choice, onward transfer, security, data integrity, access, and enforcement. To learn more about the Safe Harbor program, and to view Company’s certification, please visit http://www.export.gov/safeharbor/. The EU Safe Harbor program is due to be superseded by the EU Privacy Shield later this year. Until such time any data collected will be in compliance with Safe Harbor. This Policy covers sites administered by Company on behalf of customers and all information held by Company and processed using systems associated with these sites.


This Policy and Company’s privacy practices have been reviewed by eTrust, and have been awarded eTrust’s “PrivacyTrust Seal.” In addition, Company’s privacy practices and this Policy comply with eTrust’s program requirements including transparency, accountability and choice regarding the collection and use of personal information. eTrust's mission, as an independent third party, is to accelerate online trust among consumers and organizations globally through its leading privacy trustmark and innovative trust solutions.


If you have questions about this Policy, or complaints about the way information is handled under it, please contact Company first at [support@sona-systems.com] or by mail at Sona Systems, Trummi 5, 12616 Tallinn, ESTONIA. If you have a question regarding our privacy policy please contact us. If, however, you are unhappy with our response to your concerns, you can raise an issue with eTrust, who are an independent third party dispute resolution service. They will work with us to ensure that your query is resolved. You can contact eTrust here: http://www.etrust.org/about/privacy_contact.php. If your invoice states that your data is transmitted to servers not in the United States, you should contact your data protection authority and not eTrust.


The most recent version of this Policy will always be available at this address. Any changes to this policy,other than necessary to remedy typographical errors, will be announced by email to the primary address you have on file with us.


This privacy policy applies to the following information:

• Information necessary to provide Company’s services to customers; and
• Information processed by Company while providing services to customers.

How Company uses information necessary to provide Company’s services to customers


Company collects the following information from customers when they purchase its services (the “Customer Record”):

• Customer corporate name;
• Contact name of an individual at customer’s location who is responsible for the services;
• Email addresses provided to Company by the customer as contact points;
• Physical address; and
• Payment information.

Information that is part of the Customer Record will be used by Company to:

• Collect payment;
• Market Company’s services to the customer;
• Contact the customer about issues related to the service; and
• Contact the customer about issues of general interest to Company’s customers;
• In response to an inquiry about the status of Company’s services and to provide troubleshooting about those services.

The Customer Record may be shared with third parties in the following circumstances:

• To collect payment; and
• To comply with a law or regulation requiring disclosure.

The Customer Record will only be sold by Company in conjunction with the sale, or other acquisition, of its business. It is not otherwise sold or rented to third parties.

The Company does not market to individuals under thirteen years of age, and does not knowingly collect information directly from these individuals.

Customers may opt out of providing information for their Customer Record by declining to be Customers. Providing information for a Customer Record is required to become a Customer.

How Company uses information processed by it while providing services to customers


Company’s services process the following personally identifiable information provided to Company by its customers (the “Subject Information”). Company does not collect this information independently:

• Full name and email address of each user, and user’s language preference for the system interface.
• Other information chosen by the customer in Company’s interface, which may include, but is not limited to: university identification number, telephone number, course enrollment information, study sign-up information, research data collected in online surveys, data collected as part of prescreening for eligibility in research studies.

Subject Information will be used by Company to:

• Perform the services as set out in the agreement between Company and its customer;
• To maintain the infrastructure that supports the services; and
• In response to an inquiry by the customer providing the Subject Information to Company to troubleshoot those services.

Subject Information will be provided to third parties in the following circumstances:

• To backup the Subject Information;
• As authorized by Company’s customer; and
• To comply with a law or regulation requiring disclosure.

Subject Information will only be sold by Company in conjunction with the sale, or other acquisition, of its business.

How Company uses other types of information


Cookies. Cookies are small data files that are placed automatically on a customer’s computer by our computers. These data files are read by our computer to determine whether you have visited our site before, how often, the length of time and which pages you view. Company use cookies to keep customers logged into its service; to collect transactional information about where its customers go during their use of our services and how they behave as well as to set language preferences. Cookies are not used in conjunction with Subject Information, and, other than as necessary to keep a customer logged into the services, do not identify an individual. Information collected using cookies is not sold by Company, or used outside the services, other than as necessary to provide the services to customers.

Statistical Information. Company uses statistical information to operate the infrastructure necessary to provide the services to customers and to diagnose problems with this infrastructure. Statistical information is the following: the IP address used by a customer, or subject, to access the services; page access information; study selection, modification, and other transactional information related to the studies and study sign-ups. Statistical information is not used in conjunction with Subject Information. Statistical information is not sold by Company, or used outside the services, other than as necessary to provide, troubleshoot, and bill the services to customers.

Credit Card Information. The Company directs Customers who seek to pay by credit card to PayPal. Information transmitted to PayPal is governed by their terms and conditions.

Deletion and Preservation of Information. Information covered by this Policy may be deleted upon a customer’s request. The Company may keep information covered by this Policy for a period of six months from the date of Customer’s termination of their relationship with Company, or as required by law.

Changing and Correcting Information If a customer wishes to access and/or update the information Company has collected, the customer may either log in to our website or client systems and view and change its information.